Re: [PATCH V2] x86/ftrace: Make sure that ftrace trampolines are not RWX
From: Michael Ellerman
Date: Fri May 26 2017 - 07:40:52 EST
Heiko Carstens <heiko.carstens@xxxxxxxxxx> writes:
> On Fri, May 26, 2017 at 09:03:13AM +0200, Thomas Gleixner wrote:
>> > It seems like it really should. That would put it in a single place
>> > and avoid this mistake again in the future. Does module_memfree() have
>> > access to the allocation size, or does that need to get plumbed?
>>
>> No, it doesn't. But the number of instances is pretty limited.
>>
>> Btw, looking at BPF. It allocates memory via module_alloc() which means
>> it's RWX. There is nothing in that BPF code which changes the permissions
>> afterwards ....
>
> For BPF you're probably referring to bpf_jit_binary_alloc()? Permissions
> are changed with bpf_jit_binary_lock_ro() within each architecure backend.
>
> Well, except for powerpc (cc'ed Michael).
[hangs head in shame]
Thanks, we are working on this stuff (stricter RWX perms) at the moment,
so will add this to the list. It's complicated somewhat by the variety
of MMUs we support, but still.
cheers